blob: 1388a33cf7eea3a5ad9ab69a46b592b6d1bfc6c0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
package pgpverify
import (
"os"
"strings"
"golang.org/x/crypto/openpgp"
)
// PgpVerifier - exported struct used for file verification
type PgpVerifier struct {
Logger Logger
}
// Logger - logging interface
type Logger interface {
Log(msg string)
}
// Verify checks if a file was signed with the correct pgp key
// using a PEM formatted signature and a corresponding public key
func (pgpv *PgpVerifier) Verify(signature string, publicKey string, targetPath string) bool {
keyRingReader := strings.NewReader(publicKey)
signatureReader := strings.NewReader(signature)
verificationTarget, err := os.Open(targetPath)
if err != nil {
pgpv.Logger.Log("Open verification target: " + err.Error())
return false
}
keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader)
if err != nil {
pgpv.Logger.Log("Read Armored Key Ring: " + err.Error())
return false
}
_, err = openpgp.CheckArmoredDetachedSignature(keyring, verificationTarget, signatureReader)
if err != nil {
pgpv.Logger.Log("Verification failed: " + err.Error())
return false
}
pgpv.Logger.Log("Successfully verified: entity.Identities")
return true
}
|
